Skip to content

Linuxserver Docker SWAG usage

Conor McKnight edited this page Jul 3, 2026 · 10 revisions

To use this script with Linux servers docker swag instances to protect Linuxservers SWAG containers from DDoS attacks / exploits is very simple.

You can add to your enviorment variables.

swag:
    image: lscr.io/linuxserver/swag:latest
    cap_add:
      - NET_ADMIN
    container_name: swag
    restart: always
    environment:
      - DOCKER_MODS=linuxserver/mods:universal-package-install
      - INSTALL_PACKAGES=luajit|lua-resty-lrucache|lua-resty-core|nginx-mod-http-lua
    volumes:
      - /path/docker/swag:/config #nginx config path
      - /path/docker/swag/nginx/lua/anti_ddos_challenge.lua:/config/lua/anti_ddos_challenge.lua #direct file

Then you can edit either your nginx.conf file or default.conf / site-confs folder

And add the following to enable the script.

lua_shared_dict antiddos 70m; #Anti-DDoS shared memory zone to track requests per each unique user
access_by_lua_file /config/nginx/lua/anti_ddos_challenge.lua;

Once you saved your nginx.conf or default.conf / site-confs folder be sure to restart the container and all should be working fine and you should be protected.

The reason i use SWAG docker containers is free SSL certs from ZeroSSL or LetsEncrypt this will help prevent DDoS attacks and Flooding of your SWAG containers traffic.

The Flood request and settings can be found here change them to suit your own servers needs. https://github.com/C0nw0nk/Nginx-Lua-Anti-DDoS/blob/master/lua/anti_ddos_challenge.lua#L234

Clone this wiki locally